Symantec sees major rise in "formjacking" attacks

Attacks, like the one against British Airways, are on the rise.

Shares

The amount of formjacking cyber attacks has risen 'dramatically' in the past month or two. This is according to a new report by Symantec.

Following large, eyebrow-raising cyber attacks on Ticketmaster, British Airways, Feedify and Newegg, all by a group called Magecart, Symantec analysed the threat landscape and unveiled that all of these attacks (and many more) were done using what's known as the formjacking technique.

Formjacking is a technique in which a malicious actor or group inject Java Code into the website's forms. Most often, those are check-out or payment forms on e-commerce sites. Then, when the unsuspecting victims submits their data (for example, credit card info and email address) to purchase something, this information is transferred to the attacker's servers.

Symantec claims that it has managed to block 248,000 attempts since August 13 this year. More than a third of those, 36 per cent, occurred from September 13 to September 20.

“If we compare the week of September 13 to 20 to the same week in August, the number of instances of formjacking blocked by Symantec more than doubled, jumping from just over 41,000 to almost 88,500—a percentage increase of 117 percent,” Symantec wrote in a blog post.

“Since August 13, we have blocked an average of 6,368 formjacking attempts every day.”